CVE-2021-26085: Atlassian Confluence Server – Local File Inclusion
漏洞标题 CVE-2021-26085: Atlassian Confluence Server - Local File Inclusion 漏洞描述 Atlassian Confluence Server allows remote attackers to view restricted resources via local file...
CVE-2021-31316: CentOS Web Panel – SQL Injection
漏洞标题 CVE-2021-31316: CentOS Web Panel - SQL Injection 漏洞描述 The unprivileged user portal part of CentOS Web Panel is affected by a SQL Injection via the 'idsession'...
CVE-2024-29889: GLPI 10.0.10-10.0.14 – SQL Injection
漏洞标题 CVE-2024-29889: GLPI 10.0.10-10.0.14 - SQL Injection 漏洞描述 GLPI is a Free Asset and IT Management Software package. Prior to 10.0.15, an authenticated user can exploit ...
CVE-2024-10516: Swift Performance Lite < 2.3.7.2 - Local PHP File Inclusion
漏洞标题 CVE-2024-10516: Swift Performance Lite < 2.3.7.2 - Local PHP File Inclusion 漏洞描述 A vulnerability in Swift Performance Lite before version 2.3.7.2 allows unauthentic...
Nginx服务器添加Systemd自定义服务过程解析_nginx
这篇文章主要介绍了Nginx服务器添加Systemd自定义服务过程解析,文中通过示例代码介绍的非常详细,对大家的学习或者工作具有一定的参考学习价值,需要的朋友可以参考下 一、以nginx为例 使用yum命...
CVE-2021-3007: Laminas Project laminas-http – Remote Code Execution
漏洞标题 CVE-2021-3007: Laminas Project laminas-http - Remote Code Execution 漏洞描述 Laminas Project laminas-http < 2.14.2 and Zend Framework 3.0.0 contain a deserialization vu...
CVE-2017-18492: Contact Form to DB by BestWebSoft < 1.5.7 - Cross-Site Scripting
漏洞标题 CVE-2017-18492: Contact Form to DB by BestWebSoft < 1.5.7 - Cross-Site Scripting 漏洞描述 The contact-form-to-db plugin before 1.5.7 for WordPress has multiple XSS issu...
CVE-2020-9484: Apache Tomcat Remote Command Execution
漏洞标题 CVE-2020-9484: Apache Tomcat Remote Command Execution 漏洞描述 When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7...
CVE-2018-15517: D-Link Central WifiManager – Server-Side Request Forgery
漏洞标题 CVE-2018-15517: D-Link Central WifiManager - Server-Side Request Forgery 漏洞描述 D-Link Central WifiManager is susceptible to server-side request forgery. The MailConnect...
CVE-2022-1937: WordPress Awin Data Feed <=1.6 - Cross-Site Scripting
漏洞标题 CVE-2022-1937: WordPress Awin Data Feed <=1.6 - Cross-Site Scripting 漏洞描述 WordPress Awin Data Feed plugin 1.6 and prior contains a cross-site scripting vulnerabilit...
CVE-2023-47218: QNAP QTS and QuTS Hero – OS Command Injection
漏洞标题 CVE-2023-47218: QNAP QTS and QuTS Hero - OS Command Injection 漏洞描述 An OS command injection vulnerability has been reported to affect several QNAP operating system vers...
CVE-2023-3848: MooDating 1.2 – Cross-site scripting
漏洞标题 CVE-2023-3848: MooDating 1.2 - Cross-site scripting 漏洞描述 A vulnerability, which was classified as problematic, has been found in mooSocial mooDating 1.2. This issue af...
CVE-2021-3110: PrestaShop 1.7.7.0 – SQL Injection
漏洞标题 CVE-2021-3110: PrestaShop 1.7.7.0 - SQL Injection 漏洞描述 PrestaShop 1.7.7.0 contains a SQL injection vulnerability via the store system. It allows time-based boolean SQL...
CVE-2022-1020: WordPress WooCommerce <3.1.2 - Arbitrary Function Call
漏洞标题 CVE-2022-1020: WordPress WooCommerce <3.1.2 - Arbitrary Function Call 漏洞描述 WordPress WooCommerce plugin before 3.1.2 does not have authorisation and CSRF checks in ...
CVE-2020-20627: GiveWP – Missing Authorization to Settings Update
漏洞标题 CVE-2020-20627: GiveWP - Missing Authorization to Settings Update 漏洞描述 GiveWP plugin through 2.5.9 for WordPress contains an unauthenticated settings change caused by ...
CVE-2022-24264: Cuppa CMS v1.0 – SQL injection
漏洞标题 CVE-2022-24264: Cuppa CMS v1.0 - SQL injection 漏洞描述 Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator/components/table_manager/ ...
